Oracle Blog

Blog for swchan

Wednesday Mar 17, 2010

Oracle GlassFish Server 3.0 is a Java EE 6 container.
It uses JKS as keystore. In GlassFish Enterprise Server v2, it uses
NSS.
In this simple blog, we will show how to set up environments for https outbound connection from
GlassFish v2 to Oracle GlassFish Server 3.0.

Export the certificate from Oracle GlassFish Server 3.0 from JKS.
Change to domain config directory where one can find cacerts.jks and run the following command:
keytool -export -rfc -alias s1as -file s1asv3.cert -keystore cacerts.jks -storepass changeitNote that one should let keytool prompt for password rather than using -storepass.
It is used here for illustration.

Import the certificate to GlassFish Enterprise Server v2.
Note that one need to use a different alias name "s1asv3" as there is already a certificate
of name "s1as" in NSS db. Change to the domain config directory where one can find cert8.db and run the following command:
certutil -A -n s1asv3 -d . -i s1asv3.cert -t "T,c,c"Restart the GlassFish Enterprise Server.